I'm really new to IP SLA / Object Tracking, and somewhat familiar with EEM.
On my routers that all run IOS version 12.4 and higher, I need to trigger an interface to "shutdown", if there is no ping response from a specific IP address.
I *believe* I would need to configure an IP SLA to do a forever ping to the IP.
Then I need the loss of a ping to trigger a syslog message. Not sure if this happens automatically, or if I need to configure the ip sla to trigger syslog when the ping is lost.
At which point I could configure an EEM script to shutdown the interface, should this ping-loss-syslog message appear.
Am I on the right track? Any suggestions for the IP SLA config portion?
Here's my empirical stab at it:
track 100 rtr 99 reachability
delay down 10 up 60
! consider it "down" if down for 10 secs, consider it "up" if up for 60 secs
ip sla 99
icmp-echo 10.x.x.x source-interface s0/0/0
ip sla schedule 99 life forever start-time now
event manager environment _interface_to_shut fa0/0/0
event manager applet shut_some_interface
event track 151 state down
action 1 cli command "conf t"
action 2 cli command "interface $_interface_to_shut"
action 2 cli command "shut"
action 3 cli command "end"
action 4 syslog priority errors msg "10.x.x.x unpingable; shutting down $_interface_to_shut"
"Effective with Cisco IOS Release 12.4(20)T, 12.2(33)SXI1, 12.2(33)SRE and Cisco IOS XE Release 2.4,
the track rtr command is replaced by the track ip sla command."
This applet is almost correct., but there is one big no-no. Users must NEVER use '_' as the first character in a variable name. Variables beginning with '_' are reserved for Cisco internal use. The thing that will prevent it from working is that you forgot:
action 0 cli command "enable"
If you do not become enabled, nothing else will work.
Finally, this applet assumes 12.4(2)T or higher. If the customer is running 12.4 mainline, this applet will not work as there is no Enhanced Object Tracking support. A different approach would be required there.
It was certianly the "easy way out".
Please do share how to accomplish this with EEM 2.2/2.3 and/or without object tracking. I suppose it'd need Tcl scripting?
For versions of code with the fix for CSCsh45081, you can use the syslog ED to react to the tracked object changing state:
event manager applet track-down
event syslog pattern "TRACKING-5-STATE: 10 .*Up->Down"
action 1.0 ...
Syslog ED seems to be in EEM 1.0, according to this link:
Does this mean this exercise can be accomplished with EEM 1.0?
No. The code in which these syslog messages was added generally means that EEM 2.1 will be required.
Thanks Joseph for your examples.
I have a question that's not entirely related to this topic, but what determines if a software image has Enhanced Object Tracking as an event available to EEM?
I have a 3850 running cat3k_caa-universalk9.SPA.03.03.02.SE.150-1.EZ2.bin image, with ipservices enabled. However "track" is still not a supported event or a correlate trigger.
The Catalyst images don't typically have the track ED. However, you can usually work around that very easily by reacting to the syslog message generated when a tracked object changes state.
To save cost, I want to see if we can monitor ping response by just EEM but no IPSLA (save Data License on ISR-G2 or IP Services License on Catalyst)
Any chance can we monitor ping response by just EEM and TCL script ?